Card-not-present (CNP) fraud increased by 40% in 2016, driven by closing opportunities for POS fraud and the growth of e- and m-commerce.
In 2015, the US began its rollout of the EMV card payment system, or what most consumers commonly know as a “chip” card. These credit and debit cards contain a microchip that transmits the transaction, rather than the old magnetic stripe. The technology is more secure in many ways but has required updated point-of-sale (POS) payment machines, which has slowed down the adoption of these cards while retailers make the switch.
EMV cards, named for the three major credit card issuers who developed the technology years ago, have led to an unexpected consequence as hackers and identity thieves work to game the system: a rise in “card-not-present” transaction fraud. A Javelin study on EMV cards found a 40% increase in 2016 over the prior year in “card-not-present” abuse.
This kind of transaction occurs when there was no “swipe” at the register, such as online transactions, phone orders, or even keyed in numbers. Since the microchips make it harder to copy stolen credit card information onto a new blank card, criminals are resorting to “card-not-present” abuse with stolen credit card data in order to make a buck.
Fortunately, there’s a great way to fight back against this kind of fraud. Many credit card companies and financial institutions offer text message or emailed alerts that will tell you immediately if a “card-not- present” transaction has occurred on your account. The message will let you know the date and the retailer where the transaction was made, so you can see immediately if this is a legitimate charge—such as a previously established autopay on your cell phone bill each month—or if it’s a charge you don’t recognize. If it looks shady, just call the number provided in the message and a customer service representative will discuss the charge with you. Signing up for these alerts is usually a simple process, and in many cases can be done online.
“I was on my daughter’s school field trip when I happened to check my emails on my phone,” said one consumer who spoke to the Identity Theft Resource Center. “There was an alert, and it turns out someone had used my credit card number at a cell phone store in Vermont. I called my credit card company, and they voided that transaction. They also reported it to the police since the employee at the store had to have keyed in the numbers without my card present, and my new card was in the mail before the field trip was over.”
Of course, no matter what system your card uses and what future innovations may come along, there’s no replacement for being proactive about your finances. Check your account statements regularly for unusual activity and monitor your credit reports routinely in order to head off any suspicious signs or inquiries as soon as possible. Make sure you’re using strong, unique passwords on your accounts, and change them from time to time to thwart illegal activity.
How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.